Investigation of T301897: Unexpected "isTrusted" value showing up in some author diff output revealed an invalid assumption that json schema defined objects have a closed set of allowed properties by default. As documented upstream, by default any additional properties are allowed. Adding an explicit "additionalProperties": false setting to a "type": "object" definition means no additional properties will be allowed.
For the toolinfo.json schema we should add the "additionalProperties": false setting to all objects other than the "tool" object. This turns out to affect only two defined types, "url_multilingual" and "person" in practice.